FEDEO/src/routes/auth/me.ts

import { FastifyInstance } from "fastify";

export default async function meRoutes(server: FastifyInstance) {
    server.get("/me", async (req, reply) => {
        const authUser = req.user  // kommt aus JWT (user_id + tenant_id)

        if (!authUser) {
            return reply.code(401).send({ error: "Unauthorized" })
        }

        const user_id = req.user.user_id
        const tenant_id = req.user.tenant_id

        // 1. User laden
        const { data: user, error: userError } = await server.supabase
            .from("auth_users")
            .select("id, email, created_at, must_change_password")
            .eq("id", authUser.user_id)
            .single()

        if (userError || !user) {
            return reply.code(401).send({ error: "User not found" })
        }

        // 2. Tenants laden (alle Tenants des Users)
        const { data: tenantLinks, error: tenantLinksError } = await server.supabase
            .from("auth_users")
            .select(`*, tenants!auth_tenant_users ( id, name,short, locked, extraModules, businessInfo, numberRanges, dokuboxkey, standardEmailForInvoices, standardPaymentDays )`)
            .eq("id", authUser.user_id)
            .single();

        if (tenantLinksError) {

            console.log(tenantLinksError)

            return reply.code(401).send({ error: "Tenant Error" })
        }

        const tenants = tenantLinks?.tenants

        // 3. Aktiven Tenant bestimmen
        const activeTenant = authUser.tenant_id /*|| tenants[0].id*/

        // 4. Profil für den aktiven Tenant laden
        let profile = null
        if (activeTenant) {
            const { data: profileData } = await server.supabase
                .from("auth_profiles")
                .select("*")
                .eq("user_id", user.id)
                .eq("tenant_id", activeTenant)
                .single()

            profile = profileData
        }

        // 5. Permissions laden (über Funktion)
        const { data: permissionsData, error: permissionsError } = await server.supabase
            .rpc("auth_get_user_permissions", {
                uid: user.id,
                tid: activeTenant || null
            })

        if(permissionsError) {
            console.log(permissionsError)
        }

        const permissions = permissionsData.map(i => i.permission) || []

        // 6. Response zurückgeben
        return {
            user,
            tenants,
            activeTenant,
            profile,
            permissions
        }
    })
}